<?php
$loginpage = true;

require "includes/header.php";

if ($_POST['Login'] == "Log in") 
{
    $login = mysql_real_escape_string($_POST['login']);
    $password = mysql_real_escape_string($_POST['password']);

    $sql = "SELECT user_id, user_first_name FROM `users` WHERE `user_name` = '" . $login . "' AND `user_pass` = '" . substr(md5("bla" . $password), 1) . "';";

    $result = mysql_query($sql);

    if (mysql_num_rows($result) == 1) 
	{
        $rij = mysql_fetch_array($result);
        $_SESSION['ingelogd'] = true;
        $_SESSION['user_name'] = $rij['user_first_name'];
        $_SESSION['user_id'] = $rij['user_id'];
        echo "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"0;URL=index.php\">";
        die();
    } 
	else 
	{
        $foutmelding = "Deze gegevens bestaan niet.";
    }
}
?>
<div id="latest-post" class="post">
    <h1 class="title">Welkom op de website!</h1>
    <div class="entry">
        <p>
        <form method="post">
            Naam
            <br/>
            <input name="login" />
            <br/>
            <br/>
            Wachtwoord
            <br>
            <input name="password" type="password" />
            <br/>
            <br/>
            <input name="Login" type="submit" value="Log in"/>
            <br/>
            <br/>
            <?
            echo $foutmelding;
            ?>
        </form>
        </p>
    </div>
</div>
<?
require "includes/footer.php";
?>